- 1 Ordswap, one of the biggest and most trustworthy Ordinals marketplaces developed on Bitcoin, announced a loss of control over the website.
- 2 Considering the potential risk for users, Ordswap requested users to rescue private keys and other sensitive information.
A post from Ordswap on October 9 stirred disappointment and worries among the platform users. Ordswap experienced a security breach, losing control over the website and upsurging phishing risks for users’ private keys, assets, and other sensitive information. The team is actively working to regain control and user’s confidence in the platform.
Who is Behind the Attack?
Ordswap, the biggest and world’s first Ordinals marketplace built on Bitcoin, is trapped in a security breach. The platform was mainly accountable for offering services including inscribing, auctioning, and trading Bitcoin Ordinals.
On October 9th, Ordswap warned users not to connect to the website domain as it was not in control of it.
Ordswap has undergone a security breach that lost control over the website as well as enhanced privacy concerns for the users. The platform’s website was compromised resulting in potential risk for users concerning the private keys, digital assets, and sensitive information.
Considering the incident, Ordswap’s team requested users to recover their keys and other sensitive information as soon as possible along with not performing any activity over the domain.
The compromised website directed users towards a phishing link met a distressing situation for users, and declined their trust in the platform.
Netlify, a company engaged in website development and hosting services, is a big name coming out of the case. Ordswap blamed Netlify for the security incident, showcasing the flaws related to depending on third-party service providers. However, the breach and its connection to Netlify are under investigation and are expected to be resolved soon.
Ordswap took rapid action to protect the user’s assets and information and keep them safe from attackers.
How did Ordswap Handle the Situation?
A post from Ordswap on October 10th somehow controlled the distressing situation, mainly for the users who had logged into the platform using MetaMask.
Ordswap’s team came up with an online tool mainly designed to help users recover their private keys, assets, and other sensitive information.
The tool helps the users in recovering the keys as well as shifting the user to other providers. Using the tool, users can easily import to Unisat, an open-source Chrome Extension for Bitcoin Ordinals & BRC-20.
A button featured on the website directed users to connect their crypto wallet to questionable users and was encountered by the Ordswap’s team and users.
Also, one of the X (formerly Twitter) users reported the button as a wallet drainer deployed by crypto scammers.
In addition to this, the same incident took place in late September when the website for the Ethereum-based automated market maker Balancer was compromised, taking off around $240,000 worth of funds.
Under investigation, an Ordswap team member claimed no impact of the attack on the user’s private keys or assets, offering a big relief to users.
Conclusion
One of the biggest Ordinals marketplaces built on Bitcoin, Ordswap lost control over the website amid a phishing attack. The platform requested users to recover their private keys, sensitive information, and assets using an online tool. The case is under investigation and Netlify is a big name coming out of the attempt.
Adarsh Singh is a true connoisseur of Defi and Blockchain technologies, who left his job at a “Big 4” multinational finance firm to pursue crypto and NFT trading full-time. He has a strong background in finance, with MBA from a prestigious B-school. He delves deep into these innovative fields, unraveling their intricacies. Uncovering hidden gems, be it coins, tokens or NFTs, is his expertise. NFTs drive deep interest for him, and his creative analysis of NFTs opens up engaging narratives. He strives to bring decentralized digital assets accessible to the masses.